SilverStripe causing users to trip a mod_security rule?


purplespider

Community Member, 82 Posts

29 March 2011 at 10:58pm

I run several SilverStripe sites on my server. Ever since I launched one of the sites, I've been receiving at least 2 e-mails every day, saying mod_security has permanently blocked a user accessing this site as they tripped one of the mod_security rules.

The exact log entries are:

[Wed Mar 16 13:01:08 2011]
[error]
[client 194.176.105.47]
ModSecurity: Access denied with code 501 (phase 2).
Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required.
[file "/usr/local/apache/conf/modsec2.user.conf"]
[line "38"]
[id "960032"]
[msg "Method is not allowed by policy"]
[severity "CRITICAL"]
[tag "POLICY/METHOD_NOT_ALLOWED"]
[hostname "eusos.esicm.org"]
[uri "/assets"]
[unique_id "TYC0lG17QnoAAFBVOhIAAAAF"]

Usually it blocks them after 5 of these.

It appears to be saying that the user tried to use a method other than POST, GET, OPTIONS or HEAD.

The site receives roughly 100 visits a day, and I receive at least 2 or 3 emails per day with this error. All from different users, sometimes from users I know are definitely genuine.

So I suppose I'd like to know the following:
- What is causing the users to trip this rule? Is it SilverStripe?
- What can I do to stop legitimate users getting blocked?
- Is it safe to just disable this rule?

Any advice would be much appreciated.

Thanks
James
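
The denial entry above does not record which method the client actually sent. As an added example (not part of the original post), the script below correlates rule 960032 denials in the error log with the access log to list the offending methods. It assumes the standard Apache common/combined access log format; the log lines, IP addresses, hostname and the PROPFIND method in the sample are constructed for illustration and are not taken from this thread.

```python
import re
from collections import Counter

# Pattern that rule 960032 requires REQUEST_METHOD to match (copied from the log entry).
ALLOWED = re.compile(r"^((?:(?:POS|GE)T|OPTIONS|HEAD))$")
# Client, rule id and URI fields of a ModSecurity denial in the Apache error log.
DENIAL = re.compile(r'\[client (?P<ip>[^\]]+)\].*?\[id "(?P<id>\d+)"\].*?\[uri "(?P<uri>[^"]*)"\]')
# Common/combined access log: client IP, "METHOD path PROTOCOL", then the status.
ACCESS = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

# Constructed sample data (documentation IP ranges, made-up requests).
ERROR_LOG = r'''
[Wed Mar 16 13:01:08 2011] [error] [client 203.0.113.10] ModSecurity: Access denied with code 501 (phase 2). Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. [id "960032"] [msg "Method is not allowed by policy"] [hostname "www.example.org"] [uri "/assets"]
[Wed Mar 16 13:05:40 2011] [error] [client 203.0.113.20] ModSecurity: Access denied with code 403 (phase 2). [id "960015"] [msg "Constructed entry for a different rule"] [hostname "www.example.org"] [uri "/"]
'''
ACCESS_LOG = r'''
203.0.113.10 - - [16/Mar/2011:13:01:07 +0000] "OPTIONS /assets HTTP/1.1" 200 0
203.0.113.10 - - [16/Mar/2011:13:01:08 +0000] "PROPFIND /assets HTTP/1.1" 501 215
203.0.113.10 - - [16/Mar/2011:13:01:09 +0000] "PROPFIND /assets HTTP/1.1" 501 215
203.0.113.10 - - [16/Mar/2011:13:02:00 +0000] "GET /assets/logo.png HTTP/1.1" 200 5120
203.0.113.20 - - [16/Mar/2011:13:05:40 +0000] "GET / HTTP/1.1" 403 199
'''

def blocked_methods(error_log, access_log, rule_id="960032"):
    """Count (method, path) pairs for requests that correspond to a denial by rule_id."""
    denied = {(m["ip"], m["uri"])
              for m in map(DENIAL.search, error_log.splitlines())
              if m and m["id"] == rule_id}
    hits = Counter()
    for line in access_log.splitlines():
        m = ACCESS.match(line)
        if not m:
            continue
        path = m["path"].split("?", 1)[0]  # the denial's uri field has no query string
        # Keep only requests from a denied client/URI whose method fails the rule's regex.
        if (m["ip"], path) in denied and not ALLOWED.match(m["method"]):
            hits[(m["method"], path)] += 1
    return hits

if __name__ == "__main__":
    for (method, path), n in blocked_methods(ERROR_LOG, ACCESS_LOG).most_common():
        print(f"{n:4d}  {method:10s} {path}")
```

Pointing `blocked_methods` at the contents of the real error and access logs shows which methods, and therefore which kind of client, are tripping the rule before deciding whether to change it.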